On Wed, 09 Mar 2011 23:29:16 +0100 "Fabio Pietrosanti (naif)" <lists@xxxxxxxxxxxxxxx> wrote: > On 3/9/11 11:20 PM, Robert Ransom wrote: > > Try running "man tor |grep -C5 OutboundBindAddress". > > You didn't got the technical need, the need is to redirect only TOR-exit > traffic. > > OutboundBindAddress make *all*, including intra-tor, communications go > trough that IP address: > "Make all outbound connections originate from the IP address specified. > This is only useful when you have multiple network interfaces, and you > want all of Torâs outgoing connections to use a single one." > > I've been thinking about a settings for TOR-Exit only traffic. > > > > > But I'm not surprised that someone who wants to perform content > > censorship on a Tor exit node is too clueless to find that Tor > > configuration option, or to find out that iptables can apply different > > rules to the user ID under which Tor is running. > Yes but that's more complex, with iptables you can redirect TCP ports, > but from your TOR node not all traffic going for example to port 80 is > http, but a lot of it it's TOR. > > If you redirect it to a transparent proxy you'll break intra-tor > communications, and so you can't just make an easy redirect with iptables. Ah! Now I get it. You want to censor non-HTTP connections on port 80, and probably Google searches for "Robert'); DROP TABLE Students;--" (a quote from one popular web comic) as well. I've opened a relevant enhancement ticket. See <https://trac.torproject.org/projects/tor/ticket/2697>. Robert Ransom
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk